Tag: Cybersecurity

  • Cop Connect Café: Zscaler And ISAC Foundation Unveil New Cybersecurity Unit In Bengaluru’s DSATM | Internet & Social Media News

    In a bid to tackle the rising cybercrime issues in India, Zscaler, a leading cybersecurity firm, and ISAC Foundation, a non-profit organisation in cybersecurity, have launched the ‘Cop Connect Café’ at Dayananda Sagar Academy of Technology & Management (DSATM) in Bengaluru. This venture, part of Zscaler’s Corporate Social Responsibility (CSR) program, is aimed at promoting cyber hygiene and security within communities around the world.

    The recent inauguration of the new café in Bangalore will offer the community a secure environment to receive expert help and advice on cyber fraud issues. The café integrates a team of cyber psychologists, technical specialists, and legal consultants to provide comprehensive, personalized support to those affected by cybercrimes.

    Speaking at the event, Karnataka High Court Judge H.P. Sandesh highlighted the café’s role in providing immediate help to cybercrime victims and emphasized the importance of using technology to prevent cybercrimes. 

    In partnership with ISAC, the café aims to develop a strong cybersecurity network in the region by empowering individuals with the knowledge, training, and assistance required to counteract online threats. Additionally, the café will organize general cybersecurity awareness sessions and establish women safety clubs to enhance cyber hygiene within colleges.

    Vishal Gautam, Vice President of Engineering and Site Managing Director at Zscaler, underscored the significance of cybersecurity awareness and hygiene in India, likening it to the Swachh Bharat Abhiyan cleanliness initiative. He stressed the necessity of collaboration between the public and private sectors to address the escalating cyber-attack threats.

    Rajshekhar P, Founder Director of ISAC, pointed out that while cybersecurity awareness and cybercrime first aid are fundamental to Cop Connect Café, tools like the Hacked Or Not Kiosk (HONK) play a crucial role in safeguarding individuals and their internet-connected devices.

    ISAC Foundation works with CERT-IN, AICTE, and the Ministry of Education to bolster India’s cybersecurity landscape. Zscaler is actively investing in setting up Cop Connect Cafés in educational institutions nationwide. These cafés offer a specialized space for the public and students to obtain expert assistance and support in dealing with cyber fraud incidents.

  • boAt Hit With Massive Data Breach, Over 7.5 Million Customers At Risk Of Losing Personal Info |

    New Delhi: In a recent cyberattack, India’s leading audio brand, boAt, has suffered a data breach that has left the personal information of more than 7.5 million customers. This breach has exposed personal information, including names, addresses, contact numbers, email IDs, customer IDs, and more, putting users’ bank accounts and other private data at risk. 

    Despite the severity of the situation, boAt has not yet released an official statement regarding the incident. Notably, Forbes initially reported on the breach. 

    The breach was revealed by a hacker identifying as ShopifyGUY, who asserted to have breached boAt Lifestyle’s database on April 5. The hacker shared files containing the compromised data, reportedly comprising 7,550,000 entries, within a dark web forum. (Also Read: WhatsApp Call Scam Alert! Be Cautious If You Receive Calls From These Numbers, Government Warns)

    What Could Happen After This Breach: 

    As you may know, if a hacker obtains access to the database, they can utilize your phone number and email ID to not only circumvent device security but also send phishing emails. These emails can be utilized to pilfer data or even money by infecting your devices with malware.

    These scammers may contact you, armed with all your information, and attempt tomake them click on website links to download apps, or any other form to perform actions. 

    boAt- Second Most Popular Brand  

    boAt, established in 2016 by Aman Gupta and Sameer Mehta, has garnered recognition for its cost-effective audio products and wearable devices, emerging as the second most wearable brand in India. Despite the recent breach, the Gurugram-based company has experienced substantial growth, achieving sales exceeding Rs3,000 crore in March 2023. (Also Read: https://zeenews.india.com/technology/nothing-set-to-launch-nothing-ear-and-nothing-ear-a-earbuds-in-india-check-date-2737912.html)

    The homegrown consumer electronics company has filed its IPO documents in 2021 but postponed the offering owing to market fluctuations. It’s worth mentioning that boAt faces competition from brands such as Fire-Boltt, Noise, Xiaomi, and Samsung.

  • Beware Of Calls Impersonating DoT, Threatening To Disconnect Mobile Numbers; WhatsApp Calls Starting With +92

    The DoT has cautioned on misuse of mobile numbers, WhatsApp calls from foreign origin mobile numbers (like +92-xxxxxxxxxx) impersonating Government officials.
     

  • Safeguarding India’s Digital Frontier: Unveiling Ransomware Challenges And Cybersecurity Strategies |

    The global expansion of the technology ecosystem has led to a significant rise in cybersecurity challenges. India, too, faces these challenges, underscoring the crucial need for robust measures and collaborative initiatives to ensure the safety, integrity, and continual growth of our cyber ecosystem.

    Recent findings from the Data Security Council of India (DSCI), an active consortium of cybersecurity ecosystem participants, reveal a projected demand for 64,000 cybersecurity professionals in India. The DSCI anticipates a substantial increase in the demand for cybersecurity products and services, expecting the workforce to grow from 1.10 lakh employees in 2019 to over 10 lakh employees by 2025-26. Despite the rising demand and salaries in the cybersecurity industry, a notable concern is the projected 30% demand-supply gap by the end of 2023.

    The alarming gap in the cybersecurity workforce isn’t confined to national borders but spans globally, reaching an impressive 4.7 million by 2023. Despite this, the workforce gap has notably widened, experiencing a substantial 26.2% year-on-year increase in 2022. This underscores the pressing need to urgently address and narrow the expanding imbalance within the cybersecurity workforce.

    Ransomware attacks have become increasingly common. When asked why they predominantly affect SME and MSME sectors, Kaushik Ray, COO of WhizHack Technologies, explained, “The SME and MSME sector, lacking regulation, face heightened cyber threats. Sophos’ report reveals that 83% of targeted organizations have under 1,000 employees, with missing logs in 42% of attacks. Despite holding valuable data, limited resources and a false sense of security make them vulnerable. The improved cybersecurity infrastructure is evident in a 44% decrease in ransomware ‘dwell time.’ However, with the rising sophistication of attacks, SMEs, adopting technology at just 36%-37%, remain at risk. A crucial shift in mindset and substantial technology adoption is necessary for robust cyber defense.”

    With each passing day, hackers are advancing their techniques in tandem with technology. It raises the question of whether there’s a standard module or if hackers employ diverse techniques to target businesses. Ray said, “These attacks evolve constantly, with hackers keenly aware of defense levels. They possess a well-developed playbook to navigate defenses. SMEs are especially vulnerable to spam, phishing, DDoS attacks, ransomware, and corporate account takeovers. As MSMEs shift to the cloud for digital transformation, the risk of cyberattacks on cloud services increases. Security experts note that smaller organizations using Infrastructure as a Service (IaaS) are particularly susceptible to cyber extortion attempts, where ransomware encrypts files, demanding payment for decryption keys.”

    Regarding the sophistication of ransomware attacks, he said, “India has faced a surge in state-sponsored attacks, a concern we’ve highlighted since our inception. Over the last three years, these attacks have increased by 278%. State-sponsored attacks inherently possess complexity and sophistication. Until September, service companies in India, particularly in IT and BPO, reported the majority of these incidents. The same report notes a 460% increase in attacks on government agencies and a 508% rise in the SME sector. Ransomware attacks are proliferating in the cybersecurity sector, evolving beyond existing defenses. The most severely impacted and vulnerable is the SME sector. Modern cyberattacks utilize advanced tactics, circumventing traditional malware detection and operating within the intricacies of their targets’ environments, aiming to steal data, install ransomware, encrypt data, and cause widespread disruption.”

    It’s evident that the cyber attacks on MSMEs and SMEs are very common now and affect the entire economy at a large scale. Kaushik believes that India’s position is not very good. The WhizHack COO further said, “Once again, based on the numbers, globally, state-sponsored attacks stand at 68%, while India stands at 72%. Many Indian SMEs, integral to the nation’s growth, face heightened susceptibility to global ransomware attacks, exposing them to risks such as service disruptions, delivery delays, and significant financial losses. To address these threats, organizations need to proactively prepare and establish recovery strategies in anticipation of potential attacks. There is a significant dependency on threat countermeasures and reactive approaches, such as firewalls and anti-malware software, which are proving insufficient against increasingly sophisticated attacks. Simple yet cost-effective practices, which organizations often overlook, need to be implemented. The starting point is creating awareness.”

    Talking about how vulnerable the MSME and SME sectors are to these cyber attacks, the WhizHack COO added, “Ransomware attacks have affected a significant portion of respondents in the last two years, with 73% reporting an incident. Among those affected, 28% admitted to paying the ransom, while an additional 42.5% acknowledged the possibility of considering such payments. Cybercriminals are now also attempting to exfiltrate intellectual property from companies, victimizing industries like BFSI, Chemicals, Automobiles, Airlines, and Food & Beverage. A study revealed that industries considering ransom payments include Construction (74%), Technology (51%), and Energy (43%). Regarding the impact on specific sectors, Legal (92%), Financial Services (78%), Manufacturing (78%), and Human Resources Services (77%) were most likely to have experienced ransomware attacks. Construction companies, in particular, may find themselves compelled to pay due to potential losses of crucial plans, disrupting large contracts, and jeopardizing deadlines and downstream projects. In terms of impact, the Manufacturing and Technology industries ranked highest for ransomware incidents, with Retail and Wholesale experiencing a notable increase in victims throughout the year, rising from 9th place to the top three.”

    Now it is a fact that the government’s involvement and policy efforts have a significant ability to improve the susceptibility of Small and Medium-sized Enterprises (SMEs) to ransomware. Yet, the effectiveness of these actions depends on how carefully they are put into practice, how easily they are accessed, and how well they address the specific challenges faced by the sector. A well-thought-out and complete plan that includes these elements can greatly strengthen SMEs against ransomware attacks.

    Government involvement and strategic policies can significantly enhance SME resilience against ransomware. Meticulous implementation, accessibility, and tailored solutions are crucial. “To initiate this process, providing financial support for cybersecurity measures, implementing training and awareness programs, establishing regulatory standards and compliance support, offering incident response and recovery assistance, and fostering collaborative information sharing are essential components,” he suggests.

    There’s a significant need for an approach that equips the sector to confront and mitigate the threat of ransomware more effectively. It is high time when it must accelerate technology adoption, necessitating a mindset shift. “Addressing naivete, a lackadaisical cyber defense approach, and distrust is imperative. Adopting best practices is crucial, including employee training, robust password use, Multi-factor Authentication (MFA), regular software updates, and investing in effective Firewalls and Antivirus Software. Continuous technology review and updates are essential, as cybersecurity is an ongoing commitment. Like a virus, cyber threats evolve, demanding a proactive defense. Well-planned data backup mechanisms and regular cybersecurity drills are equally vital, akin to fire drills.”, says Kaushik Ray.

    WhizHack Technologies, a 100% Make in India firm, offers services and solutions to businesses to mitigate ransomware-related vulnerabilities and is actively making changes to enhance the integrity of its services. 

    “By simulating a ransomware attack, one can not only enhance awareness of ransomware security within a company but can also assess the effectiveness of systems in preventing and detecting ransomware, and provide customized advice to improve overall defense against ransomware. This simulation involves a proactive and controlled exercise designed to replicate a genuine ransomware attack in a secure setting. It serves as a deliberate test by organizations to assess their preparedness and response to a simulated cyber threat without causing any actual harm to their systems or data,” said Ray.

    It is believed to a large extent that cybersecurity is very expensive, which is why the SME sector players have been fence-sitters in adopting and upgrading their cyber defense. It is good that Swadeshi companies are working to help the MSME and SMEs by building a safe cyber-ecosystem and software in India.